IBM Cloud Private on Linux on IBM Z & LinuxONE Presentation for Vicom Infinity Kershaw Mehta - Chief Architect for Cloud Computing for IBM Z (kershaw@us.ibm.com) December 14, 2017
Evolution of how workloads are built & delivered Existing, Monolithic Apps Extended / Enabled Solutions New Cloud Native Apps Lines of Business Lines of Business Lines of Business Lines of Business Data Function Proprietary Proprietary Proprietary Proprietary Container Cloud Cloud Services Build once, deploy anywhere Linux, DevOps, PaaS, Open Source, Customer Customer Enterprise Auto Scaling, CI / CD, DevOps, Docker, Linux, Relational Resource Relationship App Containers, PaaS, Open Source, ISV Containers … Database Planning Management Cognitive Services Web, Mobile, Cognitive, BD&A, AI Web, Mobile, Cognitive, BD&A, AI Continuous DevOps Integration By 2018 , Over 60% of New Apps & Delivery Will Use Cloud-Enabled Continuous Delivery and Cloud-Native Application Cloud Native Developer Experience Architectures to Enable Faster Innovation and Business Agility. ( IDC Prediction) Containers Micro Services 2
Cloud Platform Evolution Cloud-Enabled Application Cloud-Native Application Infrastructure Application code Concerns Composed of Applications microservices Web Server Web Server Business Database Service Service Service Focus IBM Cloud Private on Technology Silos It’s All About the PaaS LinuxONE Applications Operating System Requires Infrastructure IaaS Virtualization Platform specialized Abstraction skill Physical Infrastructure Traditional New Workload Paradigm Shift Application composed of multiple services (microservices) Each service is elastic Each service is resilient Each service is composable 3
The What and Why of Docker Containers? Containers are an abstraction at the Advantages of Containers app layer that packages code and dependencies together • Lightweight footprint & minimal overhead Application code Applications • Portability across machines Web Server Messaging Database Service Service Service • Simplify DevOps practices PaaS • Speed up Continuous Integration Operating System • Enable microservice architectures Virtualization Platform IaaS • Isolation Physical Infrastructure Virtual Machines Containers 4
Agenda • IBM Cloud Private (ICp) • ICp for LoZ/LinuxONE • ICp use cases for LoZ/LinuxONE 5
IBM Cloud Private v2.1 – GA Oct. 24th 2017 • Kubernetes-based, open platform with PaaS and developer services Manage Your Applications • Integrated operations management services – and flexibility to integrate with existing tools / processes • Catalog of modernized and containerized IBM middleware and data services • Untethered environment, providing complete Manage Your Container Cluster control • Runs on existing infrastructure • Evolution of IBM Bluemix Local and IBM Spectrum Conductor for Containers • Provides heterogeneous support & integrated solution for x86, Power and Linux on z/LinuxONE 6
IBM Cloud Private Offering Structure 7
Agenda • IBM Cloud Private (ICp) • ICp for LoZ/LinuxONE • ICp use cases for LoZ/LinuxONE 8
IBM Cloud Private (ICp) for LoZ / LinuxONE • Deliver manage-to-z ICP Platform for IBM z • Deployment of workloads onto worker-nodes running on IBM z • Deliver subset of IBM Middleware (MW) workloads and popular Open Source packages and bring your own workloads for IBM z • Create a Build, Test, Development & Production Environment for z • Works the same as the current Intel toolchains used by MW teams today • Support for IBM z becomes as simple as pressing a button to include IBM z in the CI/CD process • Enables deployment of z/OS subsystem from ICp (roadmap) 9
IBM Cloud Private on LoZ/LinuxONE • Docker Containers and Kubernetes • Service Catalog with a library of services (Db2, WAS, DSX, Node, etc) • Manage-to z (from Intel or Power) Kubernetes based Middleware, Data & Common Services container platform Analytics Services with Linux on z Intel/z 10 * Secure Service Container in ICp on roadmap - All statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
IBM Cloud Private on LoZ / LinuxONE with Cloud Foundry • Cloud Foundry (CF) is a PaaS solution and is optional add-on to ICP and will only run on x86 • The ICp Master runs on Intel, ICp worker nodes on z and CF on Intel • CF is entirely optional and is not required for operations of ICp on Linux on z / LinuxONE Kubernetes based Middleware, Data & Cloud Foundry Common Services container platform Analytics Services with Linux on z Intel/z Intel 11 * Secure Service Container in ICp on roadmap - All statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
IBM Cloud Private Architecture on LoZ / LinuxONE Managed Connected User experience – UI, API, Data Consistent IBM Cloud User experience Services Options Domain Software & Services Hybrid Cloud Mgmt Services Client Middleware & Data New Brokerage Deployment DevOps & Data Analytics & Application Managed Process Integration Planning & Orchestration Repositories Reporting Integration Apps Services & Governance Optimization Management Services to manage hybrid clouds Runs on platform & uses core services Provider Managed Core Platform Consistent runtimes & core management services with public cloud Data & Analytics Services Infrastructure Core Services Cloud Managed Kubernetes IAM Logging Audit API & Data (future) Analytics Connect Containers Monitoring Encryption & Key & Usage Databases Management Cognitive Metering Storage Event Compute (Object & Network Block) With LinuxONE * Core Services Agents * Secure Service Container in ICp on roadmap - All statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. 12
Secure Service Containers* with ICp • Pervasive Encryption for all your ICp container workloads and ICp core- services running on LoZ • Security is transparent to the application • No code changes or special configuration needed • Kubernetes master node secured in SSC • Pod Security Policies locked down • Federation between ICp master and k8s master secured • ICp Worker nodes secured in SSC • Protection from privileged user access • Only secure subset of k8s apis are allowed • Calico security policies are locked down • SSC+ IBM Vulnerability Advisor + (optional) SysDig Secure provides a comprehensive security solution unique to IBM LinuxONE/Linux on z 13 * Secure Service Container + ICp on roadmap - All statements regarding IBM’s future direction and intent are subject to change o r withdrawal without notice, and represent goals and objectives only.
Infrastructure prerequisites for ICp • ICp doesn’t need OpenStack or VMWare as a pre-req • ICp only needs a RHEL/Ubuntu(/SLES support soon!) OS • ICp is also hypervisor agnostic • Works on zVM/KVM/bare-metal etc • ICp even installs docker as part of its bootstrapping process • Can use pre-existing docker install 14
IBM Cloud private on LoZ/LinuxONE – Benefits …To do more work with fewer The most secure data serving platform in the world … servers at lower cost • Integrated cloud platform for enterprise • Deploy private cloud in minutes leveraging workloads which need to be run in a customer LinuxONE vertical scaling capability, Containers with controlled and secure environment DevOps or add from dozens of IBM and Open Source supported services • Designed for refactoring heritage enterprise applications to the cloud era — componentized, • One platform for entire business processes with leveraged for multiple enterprise needs, highly highest Security rating & highest Cloud SLA optimized, secured and highly available availability of any commercially available server connect to existing apps and migrate at your • Support massive workloads with thousands of users pace in parallel and up to thousands of Linux servers – all • Complete environment for developers and in one box operations admins to unleash innovation and • Enables deployment of z/OS subsystem from ICp meet enterprise business needs • Developers can quickly started developing • Leverage upcoming secure service container cloud-native services either on x86 distributed technology on Linux on Z/LinuxONE to protect from systems or LinuxONE with no change in tooling privileged users, ransomware, malware • Key Protect Technology enables hardware support for tamper-proof encryption key storage 15
Recommend
More recommend